dependabot-common 0.118.4 → 0.118.10
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6bf00c49b6a7615783788e0edc1d0325e3dd945460626e38f9512b026a340e79
|
4
|
+
data.tar.gz: ca87c4a1ef3c2f02136eb5c7bb3784c41818a64dfadd184d4008afa8518a8635
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 699aeb3bb3638e7e478dd54e84cc926227cf664db0c010b76dd7cd2db7edc7b5d0dd4d6b17ee956ef42502911de5a84456537a6a899529b61983d4ce84976ade
|
7
|
+
data.tar.gz: 9e4db06775ac8ed1f5c43bc200706b26add29716bf2fcf961503be58f9ae24289532635527deca020752f7b106117b0d8b4816fa8f2720df0082569bb8397481
|
@@ -47,7 +47,6 @@ module Dependabot
|
|
47
47
|
|
48
48
|
attr_reader :url, :credentials
|
49
49
|
|
50
|
-
# rubocop:disable Metrics/CyclomaticComplexity
|
51
50
|
# rubocop:disable Metrics/PerceivedComplexity
|
52
51
|
def fetch_upload_pack_for(uri)
|
53
52
|
response = fetch_raw_upload_pack_for(uri)
|
@@ -79,7 +78,6 @@ module Dependabot
|
|
79
78
|
|
80
79
|
raise Dependabot::GitDependenciesNotReachable, [uri]
|
81
80
|
end
|
82
|
-
# rubocop:enable Metrics/CyclomaticComplexity
|
83
81
|
# rubocop:enable Metrics/PerceivedComplexity
|
84
82
|
|
85
83
|
def fetch_raw_upload_pack_for(uri)
|
@@ -76,7 +76,6 @@ module Dependabot
|
|
76
76
|
|
77
77
|
private
|
78
78
|
|
79
|
-
# rubocop:disable Metrics/CyclomaticComplexity
|
80
79
|
# rubocop:disable Metrics/PerceivedComplexity
|
81
80
|
def changelog
|
82
81
|
return unless changelog_from_suggested_url || source
|
@@ -98,7 +97,6 @@ module Dependabot
|
|
98
97
|
# Fall back to the changelog (or nil) from the default branch
|
99
98
|
default_branch_changelog
|
100
99
|
end
|
101
|
-
# rubocop:enable Metrics/CyclomaticComplexity
|
102
100
|
# rubocop:enable Metrics/PerceivedComplexity
|
103
101
|
|
104
102
|
def changelog_from_suggested_url
|
@@ -89,21 +89,9 @@ module Dependabot
|
|
89
89
|
@automerge_candidate
|
90
90
|
end
|
91
91
|
|
92
|
-
# rubocop:disable Metrics/PerceivedComplexity
|
93
92
|
def update_type
|
94
93
|
return unless dependencies.any?(&:previous_version)
|
95
94
|
|
96
|
-
precision = dependencies.map do |dep|
|
97
|
-
new_version_parts = version(dep).split(".")
|
98
|
-
old_version_parts = previous_version(dep)&.split(".") || []
|
99
|
-
all_parts = new_version_parts.first(3) + old_version_parts.first(3)
|
100
|
-
next 0 unless all_parts.all? { |part| part.to_i.to_s == part }
|
101
|
-
next 1 if new_version_parts[0] != old_version_parts[0]
|
102
|
-
next 2 if new_version_parts[1] != old_version_parts[1]
|
103
|
-
|
104
|
-
3
|
105
|
-
end.min
|
106
|
-
|
107
95
|
case precision
|
108
96
|
when 0 then "non-semver"
|
109
97
|
when 1 then "major"
|
@@ -112,7 +100,18 @@ module Dependabot
|
|
112
100
|
end
|
113
101
|
end
|
114
102
|
|
115
|
-
|
103
|
+
def precision
|
104
|
+
dependencies.map do |dep|
|
105
|
+
new_version_parts = version(dep).split(/[.+]/)
|
106
|
+
old_version_parts = previous_version(dep)&.split(/[.+]/) || []
|
107
|
+
all_parts = new_version_parts.first(3) + old_version_parts.first(3)
|
108
|
+
next 0 unless all_parts.all? { |part| part.to_i.to_s == part }
|
109
|
+
next 1 if new_version_parts[0] != old_version_parts[0]
|
110
|
+
next 2 if new_version_parts[1] != old_version_parts[1]
|
111
|
+
|
112
|
+
3
|
113
|
+
end.min
|
114
|
+
end
|
116
115
|
|
117
116
|
def version(dep)
|
118
117
|
return dep.version if version_class.correct?(dep.version)
|
@@ -192,8 +191,10 @@ module Dependabot
|
|
192
191
|
!security_label.nil?
|
193
192
|
end
|
194
193
|
|
194
|
+
# Find the exact match first and then fallback to * security* label
|
195
195
|
def security_label
|
196
|
-
labels.find { |l| l
|
196
|
+
labels.find { |l| l == DEFAULT_SECURITY_LABEL } ||
|
197
|
+
labels.find { |l| l.match?(/security/i) }
|
197
198
|
end
|
198
199
|
|
199
200
|
def label_update_type?
|
data/lib/dependabot/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-common
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.118.
|
4
|
+
version: 0.118.10
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-08-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-codecommit
|
@@ -104,28 +104,28 @@ dependencies:
|
|
104
104
|
requirements:
|
105
105
|
- - "~>"
|
106
106
|
- !ruby/object:Gem::Version
|
107
|
-
version: '0.
|
107
|
+
version: '0.75'
|
108
108
|
type: :runtime
|
109
109
|
prerelease: false
|
110
110
|
version_requirements: !ruby/object:Gem::Requirement
|
111
111
|
requirements:
|
112
112
|
- - "~>"
|
113
113
|
- !ruby/object:Gem::Version
|
114
|
-
version: '0.
|
114
|
+
version: '0.75'
|
115
115
|
- !ruby/object:Gem::Dependency
|
116
116
|
name: gitlab
|
117
117
|
requirement: !ruby/object:Gem::Requirement
|
118
118
|
requirements:
|
119
119
|
- - '='
|
120
120
|
- !ruby/object:Gem::Version
|
121
|
-
version: 4.
|
121
|
+
version: 4.16.1
|
122
122
|
type: :runtime
|
123
123
|
prerelease: false
|
124
124
|
version_requirements: !ruby/object:Gem::Requirement
|
125
125
|
requirements:
|
126
126
|
- - '='
|
127
127
|
- !ruby/object:Gem::Version
|
128
|
-
version: 4.
|
128
|
+
version: 4.16.1
|
129
129
|
- !ruby/object:Gem::Dependency
|
130
130
|
name: nokogiri
|
131
131
|
requirement: !ruby/object:Gem::Requirement
|
@@ -286,34 +286,20 @@ dependencies:
|
|
286
286
|
- - "~>"
|
287
287
|
- !ruby/object:Gem::Version
|
288
288
|
version: '1.2'
|
289
|
-
- !ruby/object:Gem::Dependency
|
290
|
-
name: rspec_junit_formatter
|
291
|
-
requirement: !ruby/object:Gem::Requirement
|
292
|
-
requirements:
|
293
|
-
- - "~>"
|
294
|
-
- !ruby/object:Gem::Version
|
295
|
-
version: '0.4'
|
296
|
-
type: :development
|
297
|
-
prerelease: false
|
298
|
-
version_requirements: !ruby/object:Gem::Requirement
|
299
|
-
requirements:
|
300
|
-
- - "~>"
|
301
|
-
- !ruby/object:Gem::Version
|
302
|
-
version: '0.4'
|
303
289
|
- !ruby/object:Gem::Dependency
|
304
290
|
name: rubocop
|
305
291
|
requirement: !ruby/object:Gem::Requirement
|
306
292
|
requirements:
|
307
293
|
- - "~>"
|
308
294
|
- !ruby/object:Gem::Version
|
309
|
-
version: 0.
|
295
|
+
version: 0.88.0
|
310
296
|
type: :development
|
311
297
|
prerelease: false
|
312
298
|
version_requirements: !ruby/object:Gem::Requirement
|
313
299
|
requirements:
|
314
300
|
- - "~>"
|
315
301
|
- !ruby/object:Gem::Version
|
316
|
-
version: 0.
|
302
|
+
version: 0.88.0
|
317
303
|
- !ruby/object:Gem::Dependency
|
318
304
|
name: vcr
|
319
305
|
requirement: !ruby/object:Gem::Requirement
|
@@ -422,7 +408,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
422
408
|
- !ruby/object:Gem::Version
|
423
409
|
version: 2.7.3
|
424
410
|
requirements: []
|
425
|
-
rubygems_version: 3.
|
411
|
+
rubygems_version: 3.1.2
|
426
412
|
signing_key:
|
427
413
|
specification_version: 4
|
428
414
|
summary: Shared code used between Dependabot package managers
|